WHAT IS CLAIMED IS : 

1. A filtering apparatus, interposed between a client 
and a server, said server providing services depending on 
access requests from said client, for passing to said server 
5 only a correct access request from said client, said 
filtering device comprising: 

an incorrect pattern database which stores patterns 
of incorrect accesses to said server; 

an estimation unit which estimates the correctness 
10 of the access request on the basis of the patterns of incorrect 
accesses stored in said incorrect pattern database and a 
predetermined estimation rule; and 

a decision unit which decides , on the basis of a result 
of estimation by said estimation unit and a predetermined 
15 decision rule, whether the access request is to be passed 
to said server. 



2 . The filtering apparatus according to claim 1 , wherein 
said estimation unit estimates that the access request is 

20 an incorrect access when the access request corresponds to 
any one of the patterns of incorrect accesses stored in said 
incorrect pattern database, and estimates that the access 
request is a correct access when the access request does 
not correspond to any one the patterns of incorrect accesses 

25 stored in the incorrect pattern database, and 
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said decision unit decides that the access request 
which is estimated as an incorrect access by said estimation 
unit is not to be passed to said server, and decides that 
the access request which is estimated as a correct access 
5 by said estimation unit is to be passed to said server. 

3 . The filtering apparatus according to claim 1 , wherein 
said estimation unit calculates a predetermined estimation 
value depending on the degree of correspondence between the 

10 access request and the patterns of incorrect accesses stored 
in said incorrect pattern database, and 

said decision unit compares the estimation value 
calculated by said estimation unit with a predetermined 
threshold value to decide whether the access request is to 

15 be passed to said server. 

4. The filtering apparatus according to claim 1 further 
comprising : 

a correct pattern database which stores patterns of 
20 correct accesses to said server; and 

an advance decision unit which decides whether the 
access request corresponds to any one of the patterns of 
correct accesses stored in said correct pattern database 
prior to estimation of correctness performed by said 
25 estimation unit, 



wherein said estimation unit estimates correctness 
of only that access request which said advance decision unit 
decides that does not correspond to the patterns of correct 
accesses stored in said correct pattern database. 

5 

5. The filtering apparatus according to claim 1 further 
comprising an external transmission unit which transmits 
an access request which is decided not to be passed to said 
server by said decision unit to a predetermined external 

10 device on the basis of a predetermined external transmission 
rule . 

6. The filtering apparatus according to claim 1 further 
comprising a storage unit which stores an access request 

15 which is decided not to be passed to said server by said 
decision unit on the basis of a predetermined storage rule. 

7 . The filtering apparatus according to claim 1 further 
comprising an updating unit which updates the incorrect 

20 pattern database, the correct pattern database, the 
estimation rule, the decision rule, the external 
transmission rule, the storage rule, or an updating rule 
on the basis of a predetermined updating rule. 

25 
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8 . A filtering method of passing to a server only a correct 
access request from a client, said server providing services 
depending on access requests from said client, the method 
comprising the steps of: 

referring to an incorrect pattern database in which 
the patterns of incorrect accesses to said server are stored 
to estimate correctness of the access request on the basis 
of the patterns of incorrect accesses which are referred 
to and a predetermined estimation rule; and 

deciding, on the basis of result of the estimation 
at the estimation step and a predetermined decision rule, 
whether the access request is to be passed to said server. 

9. The filtering method according to claim 8, wherein 
in the estimation step it is estimated that the access request 
is an incorrect access when the access request corresponds 
to any one of the patterns of incorrect accesses stored in 
the incorrect pattern database, and it is estimated the 
access request is a correct access when the access request 
does not correspond to any one the patterns of incorrect 
accesses stored in said incorrect pattern database, and 
in the decision step it is decided that the access 
request which is estimated as an incorrect access at the 
estimation step is not to be passes to said server, and it 
is decided that the access request which is estimated as 



a correct access at the estimation step is to be passed to 
said server. 

10. The filtering method according to claim 8, wherein 
at the estimation step a predetermined estimation value is 
calculated depending on the degree of correspondence between 
the access request and the patterns of incorrect accesses 
stored in said incorrect pattern database, and 

in the decision step the estimation value calculated 
at the estimation step is compared with a predetermined 
threshold value to decide whether the access request is to 
be passed to said server. 

11. The filtering method according to claim 8 further 
15 comprising the advance decision step of deciding, with 

reference to a correct pattern database in which patterns 
of correct accesses to said server are stored, whether the 
access request corresponds to any one of the patterns of 
correct accesses stored in said correct pattern database 

20 prior to estimation of correctness performed by the 
estimation step, 

wherein in the estimation step correctness of only 
an access request which is decided not to correspond to the 
patterns of correct accesses at the advance decision step 

25 is estimated. 
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12. The filtering method according to claim 8 further 
comprising the external transmission step of transmitting 
an access request which is decided not to be passed to said 
server at the decision step to a predetermined external 

5 device on the basis of a predetermined external transmission 
rule . 

13. The filtering method according to claim 8 further 
comprising the storage step of storing an access request 

10 which is decided not to be passed to said server at the decision 
step on the basis of a predetermined storage rule. 

14. The filtering method according to claim 8 further 
comprising the updating step of updating the incorrect 

15 pattern database, the correct pattern database, the 
estimation rule, the decision rule, the external 
transmission rule, the storage rule, or an updating rule 
on the basis of a predetermined updating rule. 

20 15 . A computer program containing instructions which when 
executed on a computer realizes a filtering method of passing 
to a server only a correct access request from a client, 
said server providing services depending on access requests 
from said client, the method comprising the steps of: 

25 referring to an incorrect pattern database in which 
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the patterns of incorrect accesses to said server are stored 
to estimate correctness of the access request on the basis 
of the patterns of incorrect accesses which are referred 
to and a predetermined estimation rule; and 
5 deciding, on the basis of result of the estimation 

at the estimation step and a predetermined decision rule, 
whether the access request is to be passed to said server. 

16. The computer program according to claim 15, wherein 
10 in the estimation step it is estimated that the access request 
is an incorrect access when the access request corresponds 
to any one of the patterns of incorrect accesses stored in 
the incorrect pattern database, and it is estimated the 
access request is a correct access when the access request 
15 does not correspond to any one the patterns of incorrect 
accesses stored in said incorrect pattern database, and 
in the decision step it is decided that the access 
request which is estimated as an incorrect access at the 
estimation step is not to be passes to said server, and it 
20 is decided that the access request which is estimated as 
a correct access at the estimation step is to be passed to 
said server. 

25 
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17. The computer program according to claim 15, wherein 
at the estimation step a predetermined estimation value is 
calculated depending on the degree of correspondence between 
the access request and the patterns of incorrect accesses 
stored in said incorrect pattern database, and 

in the decision step the estimation value calculated 
at the estimation step is compared with a predetermined 
threshold value to decide whether the access request is to 
be passed to said server. 

18. The computer program according to claim 15 further 
containing instructions which when executed on a computer 
realize the advance decision step of deciding, with reference 
to a correct pattern database in which patterns of correct 
accesses to said server are stored, whether the access 
request corresponds to any one of the patterns of correct 
accesses stored in said correct pattern database prior to 
estimation of correctness performed by the estimation step, 

wherein in the estimation step correctness of only 
an access request which is decided not to correspond to the 
patterns of correct accesses at the advance decision step 
is estimated. 



19. The computer program according to claim 15 further 
containing instructions which when executed on a computer 
realize the external transmission step of transmitting an 
access request which is decided not to be passed to said 

5 server at the decision step to a predetermined external 
device on the basis of a predetermined external transmission 
rule . 

20. The computer program according to claim 15 further 
containing instructions which when executed on a computer 
realize the storage step of storing an access request which 
is decided not to be passed to said server at the decision 
step on the basis of a predetermined storage rule. 

21. The computer program according to claim 15 further 
containing instructions which when executed on a computer 
realize the updating step of updating the incorrect pattern 
database, the correct pattern database , the estimation rule f 
the decision rule, the external transmission rule, the 
storage rule, or an updating rule on the basis of a 
predetermined updating rule. 
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